Just a quick note from someone with a lot of Zope experience finding the world of Django very very interesting...
In Zope, there is a *lot* of flexibility in terms of authentication/authorization. I couldn't say whether it is full ACL or not, but it certainly seemed it to me. However, we rarely used all that flexibility, preferring roles based on 'student', 'staff', 'admin', 'supervisor' etc. That worked ok for us (very ok). All I'm after is some flexibility with the auth system - ie swap out the django system and replace with a MySQL/Postgres/LDAP/Shibboleth system as required. Please be careful that you don't make the system too unwieldy - the sheer size of the Zope user auth/permissions system got *very* tedious after a while... ;) Cheers, Tone
